In the first six months of 2013, 53 percent of cybersecurity incidents were in the energy sector, according to the Department of Homeland Security. As cyber-attacks are becoming increasingly prevalent in industries that support our critical infrastructure, it’s crucial that business leaders adopt security process designed to address these new threats. Are you ready?

While I was at CERAWeek last month, former US Secretary of Energy, Daniel B. Poneman, and Under Secretary, NPPD, US Department of Homeland Security, Suzanne Spaulding had a message to attendees. Their message was clear:

Cyber Security is a “C-Suite” topic of Enterprise Risk Management.

Their recommendations are strong: Security needs to be baked it in from the beginning! Physical and Cyber Security and Secure Coding of Software!

Digital strategy and business strategy are becoming one and the same. Forward-looking energy firms see opportunity in today’s turbulent market and seek to pull ahead by changing their operating models through the Internet of Everything (IoE). Transformative digital technologies have to potential to deliver many advantages to O&G firms, including increased business agility and risk awareness, lower cost of operations, and reduced downtime. But before the industry can embrace these new strategies, an effective, end-to-end cybersecurity approach—including alignment between IT and OT—is needed.

Security a Catalyst for Transformation
Digital transformation means that a range of new and diverse devices are connecting to industrial oil and gas networks, generating greater amounts of data. When managed effectively, this data delivers the right information to the right place, at the right time, helping create a competitive advantage. However, as the IoE proliferates, the accompanying explosion of devices and applications will lend itself to increased areas of attack that criminals will seek exploit.

Oil and gas companies must replace traditional approaches like physical segmentation and security by obscurity. They need an integrated approach where information flows in real time to enable immediate action. Cybersecurity doesn’t need to be an inhibitor. It should be the catalyst for new ways of working. It can help oil and gas companies work more safely and better protect the environment by obtaining remote visibility and control over operations, including processes in refineries. It can make processes more efficient, increase production and reduce overall costs.

Addressing the Entire Threat Continuum
Cyber-attacks occur on a continuum of before, during, and after. The same digital hyper-connectivity that oil and gas managers use to collect data and control machines and processes, can also allow cyber attackers to get into system networks and steal or alter classified information, disrupt processes and cause damage to equipment. Threats to a company’s information systems and assets could come from anywhere. State and non-state actors from around the globe are constantly working to penetrate the networks of energy providers and other critical infrastructures in the U.S.

Energy firms must address this entire continuum with a visibility-driven, threat -focused, and platform-based framework:

Visibility-driven means having an accurate, real-time view of the network fabric, endpoints, mobile devices, applications, virtual environments, the cloud, and their interrelationships. High visibility allows you to make sense of billions of devices, applications, and their associated information, while helping you see an attack coming, control the environment, and mitigate threats.

Threat-focused means focusing on detecting, understanding, and stopping threats. Policies and controls reduce the surface area of attack, but threats still get through. Focusing on threats can help you identify threats and indicators of compromise based on a well-honed understanding of normal and abnormal behavior. This requires continuous analysis and real-time cybersecurity intelligence across all technologies. With contextual awareness, you can identify false-positives and assess the impact of a threat.

Platform-based means we have an integrated system of agile and open platforms that cover the network, devices and the cloud. It is a true platform of scalable, easy-to-deploy services and applications. You gain powerful end-to-end visibility with centralized management for unified policy and consistent controls

Securely Converge IT and OT
As oil and gas companies embrace the IoE, they bring together the use of information technology (IT) and operational technology (OT). Security needs to be as pervasive and applied in a unified way across the extended network. Physical and cybersecurity solutions must work intelligently together to reduce unauthorized system access – in order to protect networks, devices, applications, users and data. For example, in many oil and gas companies today, upstream and downstream domains use different solutions for common tasks such as asset performance management. In addition, OT is often managed autonomously from IT, even for critical functions such as reliability and cybersecurity.

Cisco has the broadest set of solutions covering the broadest set of attack vectors, leveraging both global and local intelligence. Cisco’s Secure Ops Solution is helping oil and gas companies secure industrial control networks by combining on-premises technology, processes, and managed services. For example, Royal Dutch Shell (Shell) was challenged with increasing its security maturity level. By implementing the Secure Ops Solution, Shell was able to improve its cyber security and risk management, lowering costs of delivery while significantly reducing its costs of securing the process control systems that keep billions of pounds of toxic material under control. Cisco Secure Ops Solution provides remote proactive monitoring and Service-Level-Agreement (SLA) driven management of security, applications and infrastructure, making it easier to:

Dan O’Malley talks about Cisco Systems offerings that are resonating in the Energy Industry and elsewhere. Cisco helps customers pre-plan for storms and to respond to disasters with sophisticated collaboration and device connectivity enabling technologies.

Many new technologies enable worker safety and visibility using 2-way radios, smart devices, and mobile broadband “connecting people and devices and work crews together smartly over the internet”. In the video Dan talks about the challenges customers face and how Cisco is helping them get ‘positive business outcomes’.

Yes – I know what you mean – what does that really mean? Well, mother nature doesn’t always cooperate, so getting outages dealt with as quickly as possible is one positive outcome. Keeping in touch with workers, especially those in dangerous areas, and warning them if safety issues occur is another. And maybe even having ‘wearable’ biometric devices attached to workers to see how they’re doing physically, and monitoring their vitals in real time by operations centers. That’s another.

Just keeping track of field workers is a challenge – and making best use of a constrained ‘expert pool’ might be another. Some newer ‘millennial’ devices are, of course, part of the architectural approach, but so are traditional two-way radios and other devices – so that everyone can communicate and collaborate to get the job done. And it’s getting the job done that really gives good business outcomes – ask any customer!

So, in the words of Dan:

It’s about smartly connecting people, and devices and work-crews together smartly over the internet. That’s what we do.

As organizations such as utilities, oil, gas and energy companies, and municipalities, look to leverage new IoT applications, demand is growing for a quick and simple way to deploy Field Area Network (FAN) pilots, as well as reduce the cost of deploying a secure network infrastructure for medium and small size deployments

Gaurav Agarwal, Technical Marketing Engineer, Vertical Solutions, Cisco, provides a short introduction to the Cisco Industrial Operations Kit and how it virtualizes deployment to reduce setup time to days for Field Area Networks and Industrial Networks.

It’s all about Cisco helping customers start to deploy multi-service FAN solutions quickly and more cost-effectively. By actually virtualizing secure network services on a single Cisco Unified Computing Server, the Industrial Operations Kit can now be deployed in a matter of days, instead of weeks (or, in some cases, saving months!).

It’s based on the Connected Grid Network Management System and plays a critical role in creating efficient, secure and affordable industrial architectures for small to midsize organizations and large field area network pilots.

Here’s what Kip Compton, vice president of IoT Systems and Software, Cisco, had to say at the launch “The IE 4000 and Industrial Operations Kit demonstrate how Cisco is taking the lead in bringing IoT capabilities to customers of all sizes. The market is demanding new infrastructure capabilities, and Cisco’s leadership in Gigabit switching technologies and comprehensive, end-to-end field network deployment offerings puts us in a unique position to help organizations build out long term strategies that address the challenges of an IoT environment. We have developed these offerings to give customers the ability to accelerate their IoT innovations.”

Jeff Carkhuff, vice president of global solutions marketing for electricity, Itron was quoted as saying: “…With the Cisco Industrial Operations Kit, we are able to offer our customers more choices to match their specific needs, giving them an easy path to more IoT-friendly environments.”Read More »

Many of you may have missed the recent presence of Cisco at DistribuTECH in San Diego last month, so that blog is summarized here and a link to the live blog is given at the end of this summary:

At DistribuTECH, Cisco had the pleasure of engaging with attendees, demonstrating how utilities the world over have worked with Cisco and our partners to reduce costs and deliver more services on a single, intelligent and secure platform. The IT model we shared is one that brings innovation to the Operational Technology (OT) environment, integrating information, data, people and processes – the building blocks for the Internet of Everything.

In the included video Bit Stew went on to talk about how they’re taking their software, embedding it in Cisco routers, putting it inside substations, allowing that intelligence and that automation to happen in real time, right at the edge of the network, yet tie back into cloud based systems. This technology is brought to life at major utilities such as BC Hydro, a Canadian electric utility in the province of British Columbia, which first introduced smart meters in 2011. Find out more by reading the whole blog below.

Founded in 1915, Black & Veatch is a leading global engineering, consulting and construction company, specializing in Energy, Water, Telecommunications, Federal, and Management Consulting. Black & Veatch’s annual Strategic Directions Report identifies top of mind issues based on a compilation of data and analysis from an industry-wide survey. The complete report is available from the Black & Veatch website.

The report notes that utilities and communities, with the proliferation of smart devices, automation and the use of analytics are transforming development and delivery of key infrastructure services to become more responsive, efficient and resilient.

Especially relevant to Cisco’s engagement with the utility industry and communities around the world is Black & Veatch’s observation that as legacy equipment is replaced or upgraded, IP-based technology is creating new opportunities. Connected devices on utility telecommunications infrastructure is now widely recognized as “…an essential element of the Internet of Things (IoT).”

Advanced metering Infrastructure (AMI) has often been thought of as synonymous with “Smart Grid”, but the expectations of real-time pricing or even time-of-use (TOU) rates and demand side management are far from the top of the list of top areas enabled by increased data management and analytics. The top three listed in the report are:

Asset Management (67%)

Capital Investment (45%)

Customer Service/Engagement (27%)

More than 63% of electric utilities report plans to replace, upgrade or build communications infrastructure in the next 5 years, with IP leading the way as the network protocol standard including SCADA systems.

“Some utilities are completely embracing a converged mentality and running everything over a shared infrastructure, while others are moving more cautiously by keeping protective relaying and other mission-critical applications separate from the converged network.”

The report notes that some utilities are more focused on the cost of maintaining and replacing outdated equipment and are unconvinced that smart grid technologies and automation are critical, but concludes, “Staying on the sidelines carries risk.”

Budget concerns dominate the obstacles to new technology implementation, and convincing stakeholders is key to addressing cost and perception issues.

“For organizations that provide essential services, this represents the greatest transformation in utility operations in decades. For the smart city, it will facilitate the transformation to becoming a better place to live and a more friendly and desirable place to do business for generations to come.”

Black & Veatch and Cisco partner to create architectures for electricity, natural gas, solar and wind customers that provide secure and optimized network integration for smart grid environments. If you’d like to know more about our work together, contact me by commenting on this blog.

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.